Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B88CA/5696E746346511EFAF6DEB4EC4F9AE02/3B0E10B0796811EFA3C83A23C4F9AE02.roa
File: 3B0E10B0796811EFA3C83A23C4F9AE02.roa (raw, json)
Hash identifier: u+hDQm06HZiSkG2rOAvm22baQc/9yKYXvCwlCPddRkQ=
Subject key identifier: 56:57:60:36:FB:01:F9:C1:6F:8A:A4:1C:15:30:C3:CC:08:DC:BD:25
Certificate issuer: /CN=A91B88CA/serialNumber=F625E6CC039026FF5BC9D6BDC42D8D1C18ABF33B
Certificate serial: 2E
Authority key identifier: F6:25:E6:CC:03:90:26:FF:5B:C9:D6:BD:C4:2D:8D:1C:18:AB:F3:3B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9iXmzAOQJv9byda9xC2NHBir8zs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B88CA/5696E746346511EFAF6DEB4EC4F9AE02/3B0E10B0796811EFA3C83A23C4F9AE02.roa
Signing time: Mon 23 Sep 2024 04:56:44 +0000
ROA not before: Mon 23 Sep 2024 04:56:44 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 135883
IP address blocks: 103.117.136.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 23 Sep 2024 06:35:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46 (0x2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B88CA/serialNumber=F625E6CC039026FF5BC9D6BDC42D8D1C18ABF33B
Validity
Not Before: Sep 23 04:56:44 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66f0f50c-1844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0b:c5:59:44:79:50:e8:06:4e:52:49:8d:52:
d1:d5:4e:2c:c1:6f:65:ec:4e:50:da:85:59:e9:6a:
9c:86:2c:24:e0:b0:0c:9c:59:e3:9d:4d:df:b4:ae:
81:a2:13:4e:5b:3c:81:bf:19:4b:26:f1:35:5d:08:
65:23:fd:cf:ba:ad:94:c7:f5:e4:6d:2b:93:c1:c5:
91:38:c5:c9:a9:2a:f5:c1:ac:2c:a2:8d:92:cf:a1:
33:df:9d:dc:3c:dc:3f:b1:2b:2a:04:7d:78:ed:27:
64:c1:a9:45:a0:6c:ac:29:fc:66:07:5d:1e:d6:83:
4d:4e:07:b6:8f:b0:7a:5c:99:4c:8a:72:5d:8b:20:
ad:44:bb:38:6d:e2:fc:47:27:2c:8f:d9:d9:68:08:
61:9c:92:8a:12:61:4a:c5:9a:d7:63:72:17:ba:0c:
9b:dc:53:54:7f:26:fc:a5:b3:41:42:1f:4d:ea:94:
35:fa:57:43:6d:e7:f9:17:49:90:ef:d7:f2:94:e9:
9f:d3:52:41:1d:4e:20:2f:59:83:75:10:60:00:b3:
53:4e:18:06:d5:86:33:7d:3c:78:11:14:e4:f4:a8:
b6:f6:48:51:20:85:5f:8a:b8:85:f8:41:12:92:a2:
6c:88:38:5d:93:ab:02:e4:e4:9a:33:d0:81:04:3b:
bf:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:57:60:36:FB:01:F9:C1:6F:8A:A4:1C:15:30:C3:CC:08:DC:BD:25
X509v3 Authority Key Identifier:
keyid:F6:25:E6:CC:03:90:26:FF:5B:C9:D6:BD:C4:2D:8D:1C:18:AB:F3:3B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B88CA/5696E746346511EFAF6DEB4EC4F9AE02/9iXmzAOQJv9byda9xC2NHBir8zs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9iXmzAOQJv9byda9xC2NHBir8zs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B88CA/5696E746346511EFAF6DEB4EC4F9AE02/3B0E10B0796811EFA3C83A23C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.117.136.0/22
Signature Algorithm: sha256WithRSAEncryption
47:c3:03:1d:59:00:08:94:2f:e3:29:14:97:77:02:13:32:17:
12:d6:1d:89:ef:e5:d9:99:d0:84:7a:10:b1:46:69:1a:ad:14:
75:d5:39:a5:0e:c3:be:b7:a7:4a:5c:15:18:a4:eb:20:70:f1:
db:72:38:63:62:57:2e:c5:d7:e2:d9:de:d3:27:15:f6:0d:15:
ef:0f:12:86:7d:e7:88:f5:30:73:48:0c:5d:31:09:f4:5f:2a:
da:8c:f3:df:32:e3:39:93:ff:28:7e:bc:18:8d:ca:96:39:6c:
10:98:ad:99:a9:54:c6:8e:fe:67:46:68:6d:af:8a:67:c1:91:
05:24:20:09:06:85:14:5b:73:9a:52:86:fb:ee:f4:66:2c:48:
fd:d6:d1:c4:a7:7f:fc:26:1b:1b:6f:df:a6:83:53:76:47:d9:
6f:8d:66:47:f9:e4:11:80:2a:2e:02:c9:70:87:40:84:90:57:
5d:e1:90:34:f9:58:6e:76:c5:2b:38:45:13:a6:16:56:8f:e0:
27:27:6b:e7:0f:56:f7:df:0b:0a:a2:82:0e:f1:4b:9e:1a:62:
7b:c5:d3:24:65:3b:2c:51:dc:0f:76:9f:f2:ca:7a:c5:6e:94:
d2:d8:97:b6:b6:16:38:4f:8e:d0:da:24:04:c6:ef:89:11:81:
ab:6b:8d:15
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBLjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
ODhDQTExMC8GA1UEBRMoRjYyNUU2Q0MwMzkwMjZGRjVCQzlENkJEQzQyRDhEMUMx
OEFCRjMzQjAeFw0yNDA5MjMwNDU2NDRaFw0yNTAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZjBmNTBjLTE4NDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC4C8VZRHlQ6AZOUkmNUtHVTizBb2XsTlDahVnpapyGLCTgsAycWeOdTd+0roGi
E05bPIG/GUsm8TVdCGUj/c+6rZTH9eRtK5PBxZE4xcmpKvXBrCyijZLPoTPfndw8
3D+xKyoEfXjtJ2TBqUWgbKwp/GYHXR7Wg01OB7aPsHpcmUyKcl2LIK1Euzht4vxH
JyyP2dloCGGckooSYUrFmtdjche6DJvcU1R/Jvyls0FCH03qlDX6V0Nt5/kXSZDv
1/KU6Z/TUkEdTiAvWYN1EGAAs1NOGAbVhjN9PHgRFOT0qLb2SFEghV+KuIX4QRKS
omyIOF2TqwLk5Joz0IEEO785AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUVldgNvsB
+cFviqQcFTDDzAjcvSUwHwYDVR0jBBgwFoAU9iXmzAOQJv9byda9xC2NHBir8zsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI4OENBLzU2OTZFNzQ2MzQ2
NTExRUZBRjZERUI0RUM0RjlBRTAyLzlpWG16QU9RSnY5YnlkYTl4QzJOSEJpcjh6
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOWlYbXpBT1FKdjlieWRhOXhDMk5IQmlyOHpzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
ODhDQS81Njk2RTc0NjM0NjUxMUVGQUY2REVCNEVDNEY5QUUwMi8zQjBFMTBCMDc5
NjgxMUVGQTNDODNBMjNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAmd1iDANBgkqhkiG9w0BAQsFAAOCAQEAR8MDHVkACJQv4ykU
l3cCEzIXEtYdie/l2ZnQhHoQsUZpGq0UddU5pQ7DvrenSlwVGKTrIHDx23I4Y2JX
LsXX4tne0ycV9g0V7w8Shn3niPUwc0gMXTEJ9F8q2ozz3zLjOZP/KH68GI3Kljls
EJitmalUxo7+Z0Zoba+KZ8GRBSQgCQaFFFtzmlKG++70ZixI/dbRxKd//CYbG2/f
poNTdkfZb41mR/nkEYAqLgLJcIdAhJBXXeGQNPlYbnbFKzhFE6YWVo/gJydr5w9W
998LCqKCDvFLnhpie8XTJGU7LFHcD3af8sp6xW6U0tiXtrYWOE+O0NokBMbviRGB
q2uNFQ==
-----END CERTIFICATE-----
Generated at Mon Sep 23 07:59:20 2024 by rpki-client on console-fra.rpki-client.org